Indonesian Journal of Electrical Engineering and Computer Science 
Vol. 30, No. 3, June 2023, pp. 1651~1658 
ISSN: 2502-4752, DOI: 10.11591/ijeecs.v30.i3.pp1651-1658


Efficient palm vein authentication encryption technique in 
wireless implantable medical devices 


Ahlam Almukhlifi, Saad M. Almutairi 


Master of Information Security, Department of Information Technology, Faculty of Computers and Information Technology, University of Tabuk, Tabuk, Saudi Arabia


Article Info

Article history:
Received Dec 22, 2022
Revised Jan 14, 2023
Accepted Jan 19, 2023

Keywords:
Biometric encryption
Hashing
Implantable medical device security
Palm vein authentication
Wireless security

ABSTRACT

Implantable medical devices (IMD) are commonly used to treat chronic illnesses. Many IMDs communicate wirelessly with an external programmer, which raises security concerns. IMD security is a critical issue because attacks can directly harm patients. Much research has been carried out on IMD security and its challenges when the patient is not in a critical situation. Still, it remains a major issue while the patient is unconscious. In this research, a novel scheme for emergency secure access control of IMDs is proposed to improve the security of biometric-based IMD schemes. The proposed authentication scheme uses a combination of palm vein and zero-watermark to generate encrypted credential data for IMDs. Using quantitative assessment for evaluating images, such as the peak signal-to-noise ratio (PSNR), structural similarity index (SSIM), and the mean squared error (MSE), the suggested framework is shown to be superior to existing methods. Two other study goals are improved efficiency and image quality at a lower computational cost.

1. INTRODUCTION

Wireless communication technology is advancing as it is integrated into healthcare and medical devices. It makes real-time medical applications more effective by giving patients prompt responses. The quality of life of many people has improved dramatically as a result of these advancements [1]. Wireless communication is available on all contemporary implantable medical devices (IMD), including cardiac pacemakers, implantable cardioverter-defibrillators (ICDs), neurostimulators, and insulin pumps. Modern IMDs have a radio transmitter that allows them to communicate with a "programmer," an external device. An authorized IMD systems analyst can issue instructions to change IMD configuration settings and therapy-related parameters, as well as obtain critical information for health monitoring [2]. However, some researchers have shown that effective attacks on IMDs not only compromise the privacy of therapeutic information but can also trigger malicious actions in the IMD, potentially harming or even killing a patient [3], [4]. It is therefore critical to keep sensitive data safe from adversaries [5]. A key difficulty in IMD security design is balancing security and accessibility [5], [6]. This study aims to raise the security of the IMD in emergency medical situations, which constitutes one example: decision making, devices with more computing, and message competences. Some examples of IMD are shown in Figure 1. Figure 1(a) shows an artificial pacemaker, Figure 1(b) shows a Medtronic InterStim neuro-stimulation device, Figure 1(c) shows a semi-implanted insulin pump monitor and Figure 1(d) shows a cochlear implant.

Figure 1. Implantable medical devices [6]: (a) artificial pacemaker, (b) Medtronic InterStim neuro-stimulation device, (c) semi-implanted insulin pump monitor, and (d) a cochlear implant


Traditional security, such as knowledge-based and object-based solutions, is not applicable here because it relies on security keys or credentials to authenticate programmers to IMDs, and quickly recovering credentials or keys in an emergency is very difficult. Authentication normally asks a person to prove the claimed identity by supplying one or more of three kinds of component: knowledge-based (like a password or personal identification number (PIN)), object-based (like a physical key or identification (ID) card), or body-characteristic-based (like a fingerprint or palm vein) [7]. Biometric methods are recommended in an emergency because biometrics are permanent, universal and inherent (every person carries them), cannot be lost or forgotten, are unique, efficient, have a higher perceived degree of security, and are recordable and measurable [8]. Various biometric-based solutions have been proposed to handle the particular difficulty of balancing security and accessibility for the IMD during an emergency. They include security schemes based on scanning a patient's fingerprint [9], on electrocardiogram (ECG) signals [10], on the patient's iris data [11], and on using the patient's fingerprint to unlock their smartphone [12]. The collaborative design approaches, including minimizing peel and cleavage-loading circumstances, should expand to accommodate the ever-shrinking device sizes. Biometric technologies have played a significant role in gaining access to secure places and in simplifying the identification of people in comparison to traditional techniques such as cards, passwords, and so on [13]. Among the various biometrics, fingerprint is more feasible for developing a secured solution towards a system [14]. The authors of [15] propose a finger-to-heart (F2H) IMD authentication mechanism to address the security-accessibility trade-off [15]. All biometrics mentioned above have issues and are inappropriate to use with IMD:

- The drawbacks of fingerprints are that a fingerprint is more prone to change with time because it is exposed to the elements and is subject to cuts and damage. Cuts and scrapes on the finger might cause fingerprint scanners to fail to recognize a valid user, resulting in the IMD rejecting access (false reject); some users are unable to enroll in the system, and the accuracy and operation of the system are influenced by people's skin problems.

- The drawback of an iris scan is that it cannot use a normal camera, visible light must be kept to a minimum for the best accuracy, it is affected by some diseases such as cataracts, and it requires cooperation from the user. That means that if the patient is unconscious, doctors cannot access the IMD.

- The drawback of ECG signals is that the IMD must capture and process biometric characteristics each time a secure access attempt is made, which requires many resources within the IMD. Hence, resource consumption is the major concern when implementing ECG-based security on the IMD [16].

Salt generation for hashing approaches using electrocardiogram readings for immediate accessibility to the IMD was developed by Belkhouja et al. [17]. Here, the patient's current heartbeat serves as the verification key. These details are fed into a method that produces a hash tail for use in exchanging data between the IMD and the future healthcare system. Electrocardiogram (ECG) signal-based safety systems, in which a physician accesses the patient's IMD by analyzing the patient's actual ECG signals, have also been investigated in some papers [18], [19].

Hei and Du [11] propose biometrics-based two-level secure access control for IMDs during emergencies [20]. That work introduces a unique biometrics-based two-level secure access control (BBS-AC) method for IMDs in emergencies (e.g., when the patient is unconscious). Ahmad et al. [20] develop lightweight and privacy-preserving template generation for palm vein-based human recognition [21] and propose a wave atom transform (WAT) based palm vein recognition method that is both efficient and privacy-preserving. Mishra et al. [21] present a lossless model for the identification of biometric images for the generation of a unique digital code [22]. Despite the admirable attempts made by the academic community, there are still problems that need to be solved, including insufficient fundamental capabilities, higher communication and computational overheads, and a lag in formal security verification [23]. Dorsal hand vein (DHV) biometrics, one of the newest biometric technologies, has drawn a lot of attention lately [24]. The study in [25] develops a hybrid verification method that depends on biometric and encryption technologies. It uses sophisticated encryption standards as the reliable encryption system and fingerprint as the biometric technology to achieve a stronger and more reliable technique [25]. Multi-biometric systems that identify people using hand-based modalities are the subject of the work in [26], which also discusses alternative feature extraction strategies and analyses their effectiveness using one of the biometric systems' performance indicators [26]. The bio-cryptosystem proposed in [27] maintains cancellable feature vectors online in encrypted form, which are used to identify or validate the subjects following decryption [27]. The research gaps are given in Table 1 with advantages and disadvantages.

The remainder of this paper is organized as follows: Section 2 provides the system architecture of the research method. Section 3 provides a description of the scientific procedures that have been followed in the proposed work. The experimental setup, output and discussion are presented in Section 4. Section 5 concludes the work.


Table 1. Research gap with their advantages and disadvantages

| Method | Advantages | Disadvantages |
|---|---|---|
| Hashing schemes [17] | This approach sought to resolve the problem of granting access to the IMD for medical care in an urgent situation, even without the user's participation. | Nevertheless, IMDs are vulnerable to hacking with such wireless technologies. |
| H2H [18-20] | Not even like what's needed for urgent access, these procedures save resources. | But suppose an incapacitated patient with this IMD is transported to an unknown emergency department. In that case, any doctors who don't have the right security permissions won't be able to access the IMD. |
| Finger-to-Heart (F2H) [15] | With this, concerns for the patient's well-being and the need for a high-security level are addressed. | The fingerprint picture will not be taken if the glass area where the finger stays during the detection phase has been scratched, which is a problem, especially for older persons with a heritage of forced work. |
| BBS-AC [21] | There is a risk that the implant, and the patient's health, might be compromised in this way. | The criminals may easily steal the fingerprint and use it to make a false one. |
| WAT [22] | Particularly useful for low-capacity authentication systems, this technique solves the problems of pattern storage, calculation, the privacy of identity features, and efficiency reliability. | Because of their size and location, these IMD have limited resources, including power, memory, and processing speed, that must be included in any proposed security measures. |
| Zero watermarking approaches [23] | This ID is a meaningless piece of paper devoid of personal or identifying information about the owner. | In addition, a protection solution's viability depends on its ability to handle crises and everyday situations. |


2. PROPOSED SECURE AN IMD WITH PALM VEIN METHOD 


Figure 2 depicts a system architecture for implementing palm vein-based security techniques in an IMD. An IMD is a medical device that is implanted in the body of a patient. An external reader (programmer) can use the wireless communication channel to connect with the IMD. The IMD system comprises the IMD and the programmer that goes with it. The IMD will extract the palm vein features and store them with the associated person for future use. Figure 3 depicts the outline of the proposed work. The following functionalities and hardware must be added to existing IMD systems to deploy the palm vein-based IMD security model.

- Process A: palm vein acquisition -> ROI -> feature extraction -> PVC.
- Process B: generates a digital binary of personal identity/zero-watermark.
- Ensuring integrity and authentication using the correlation coefficient.

Figure 2. Palm vein-based IMD security architecture

Figure 3. Outline of the work


2.1. Zero watermark generation 


Assume the user's palm vein image is $PV$ with dimensions $N \times N$, and the corresponding binary watermark palm vein image is $BPV = \{BPV(i,j) \in \{0,1\},\ 0 \le i < I,\ 0 \le j < J\}$, of size $I \times J$. The detailed phases of the zero-watermark production stage are:

- Calculating the coefficients of PVCs: in this phase, compute the PVCs [24] of the host PV image up to the maximum order $X_{\max}$, giving a total of $T = (X_{\max} + 1)^2$ features, from which a $T$-length vector of the amplitudes is created.

- Feature selection (FS): this is based on the typical selection criteria in [25] and, using a secret key $SK_1$, retains $I \times J$ coefficients, which is the watermark image dimensions. The accurate and precise premature ventricular contractions (PVCs) coefficient set $M$ is $M = \{|PVC_{i,j}|,\ j \ne 4m,\ m \in \mathbb{N}\}$, $i,j = 1,2,\ldots,N$.

- Feature vector generation: the $I \times J$ PVCs coefficients produced in FS are used to create the feature image. The $I \times J$ PVCs moments are randomly selected from the computed PVCs moments (set $M$); their amplitudes are computed and yield the vector $V = \{v(i),\ 0 \le i < I \times J\}$.

- Binary feature vector generation: the binary feature sequence $BPV = \{BPV(i),\ 0 \le i < I \times J\}$ is obtained from the feature sequence $V$, as shown in (1):

$$BPV(i) = \begin{cases} 1 & \text{if } V_i \ge Th \\ 0 & \text{if } V_i < Th \end{cases} \qquad (1)$$

where $Th$ is the threshold that depends on the mean value of $V$. The binarized sequence $BPV$ is rearranged into a 2D binary feature image, $T$, of size $I \times J$.

- Watermark palm vein image generation: the XOR operation is applied to the scrambled watermark image, $WPVC$ [24], and the feature image $T$ to produce the zero-watermark, as given in (2):

$$WPVC_{zero} = T \oplus WPVC \qquad (2)$$


2.2. Recognition of the watermark 

The recognition phase detects the palm vein image's watermark data independently of the original image. Extraction of the watermark image: the inverse of the scrambling procedure extracts the watermark and makes it visible. $WPVC^*$ is inversely scrambled using the key $SK_1$ of the 1D-Chebyshev map to obtain the retrieved watermark, denoted $WPVC^* = \{WPVC^*(i,j) \in \{0,1\},\ 0 \le i < I,\ 0 \le j < J\}$.


2.3. Palm vein authentication

The IMD authentication technique is divided into two phases. In the first phase, the user's personal details are enrolled; this is called the enrolment process. In the second phase, the verification process, the information acquired from the person is validated, as shown in Figure 2.


2.3.1. Palm vein authentication algorithm using zero-watermark 

The entire procedure works in two steps: the first produces the encrypted credential template to guarantee confidentiality, and the second validates the integrity and authentication of the patient, as given in Pseudocode 1:


Pseudocode 1. The proposed zero-watermarking approach

Input: Palm vein image
Output: Secure palm vein image

Procedure call key generation ()
    original image PV in square size N x N;
begin
    Calculate the coefficients of PVC and calculate T = (X_max + 1)^2;
    SK_1 = average value of 64 pixels of the resulting I x J coefficients;
    Calculate the feature vector and generate PVCs coefficients;
    Compute vector V;
    Generate binary feature sequence BPV;
    Perform XOR operation and generate watermark image, WPVC;
end
Reverse watermark generation WPVC* using SK_1;
Produce the result of a secure PV image.

A. Production of encrypted credential data:
    Read the entered image (palm vein).
    Generate a unique palm vein design from the palm vein image.
    Generate encrypted palm vein code from the unique palm vein pattern of the palm vein image.
    Generate a digital binary of personal identity.
    Encrypted credential data = XOR (PVC, person ID).
    Store the encrypted credential data + key (binary person identity).

B. Validation process:
    Read the acquired PV.
    Generate a unique palm vein design from the palm vein image.
    Generate encrypted palm vein code from the unique palm vein design of the palm vein image.
    Retrieve the key.
    Generate encrypted credential data by XOR of the retrieved key and the encrypted PVC.
    IF reference encrypted credential data == acquired encrypted credential data (login successful)
    THEN access IMD
    ELSE access to the IMD is blocked
    END IF;
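
The enrolment (A) and validation (B) steps of Pseudocode 1, together with the mean-threshold binarization of equation (1), as an added Python example that is not the authors' code. The feature amplitudes are constructed sample data, `identity_bits` (SHAKE-256 of a made-up patient identifier) is an assumed stand-in for the "digital binary of personal identity", and the 5% bit-mismatch tolerance is an assumed substitute for the correlation-coefficient check, which the page does not specify.

```python
import hashlib
import hmac


def binarize(features):
    """Equation (1): bit is 1 where the amplitude reaches Th (mean of V)."""
    th = sum(features) / len(features)
    return [1 if v >= th else 0 for v in features]


def xor_bits(a, b):
    if len(a) != len(b):
        raise ValueError("bit vectors must have equal length")
    return [x ^ y for x, y in zip(a, b)]


def identity_bits(person_id, n):
    """Assumed stand-in for the 'digital binary of personal identity'."""
    digest = hashlib.shake_256(person_id).digest((n + 7) // 8)
    return [(byte >> k) & 1 for byte in digest for k in range(8)][:n]


def enroll(features, person_id):
    """Step A: credential = XOR(PVC, person ID). Returns (credential, key).

    XOR is its own inverse, so credential XOR key yields the PVC bits again;
    the two stored values have to be protected as a pair.
    """
    key = identity_bits(person_id, len(features))
    return xor_bits(binarize(features), key), key


def mismatch(features, credential, key):
    """Fraction of credential bits that differ for a newly acquired sample."""
    acquired = xor_bits(binarize(features), key)
    return sum(x != y for x, y in zip(acquired, credential)) / len(credential)


def validate(features, credential, key, max_mismatch=0.0):
    """Step B. max_mismatch=0.0 is the strict '==' test of the pseudocode."""
    if max_mismatch == 0.0:
        acquired = xor_bits(binarize(features), key)
        return hmac.compare_digest(bytes(acquired), bytes(credential))
    return mismatch(features, credential, key) <= max_mismatch


# Constructed sample data: 256 amplitudes (a 16 x 16 feature image).
GENUINE = [90.0 if i % 3 == 0 else 10.0 for i in range(256)]
IMPOSTOR = [90.0 if i % 2 == 0 else 10.0 for i in range(256)]


def reacquired(features, flips=4):
    """Same palm, noisy capture: `flips` amplitudes cross Th each way."""
    noisy = list(features)
    low = [i for i, v in enumerate(features) if v == 10.0][:flips]
    high = [i for i, v in enumerate(features) if v == 90.0][:flips]
    for i in low:
        noisy[i] = 90.0
    for i in high:
        noisy[i] = 10.0
    return noisy


if __name__ == "__main__":
    cred, key = enroll(GENUINE, b"patient-0001")  # made-up identifier
    noisy = reacquired(GENUINE)
    print("same capture, strict:", validate(GENUINE, cred, key))
    print("noisy capture, strict:", validate(noisy, cred, key))
    print("noisy capture, 5% tolerance:", validate(noisy, cred, key, 0.05))
    print("impostor, 5% tolerance:", validate(IMPOSTOR, cred, key, 0.05))
```

Run as a script, it shows the strict comparison of Pseudocode 1 rejecting a slightly noisy capture of the enrolled palm, while the tolerant comparison accepts it and still rejects the constructed impostor sample.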




3. RESULTS AND DISCUSSION 

System model: the proposed system will ensure integrity, confidentiality and authentication. It guarantees integrity and authentication during the validation/verification process, and guarantees confidentiality in that the encrypted credential template stored in the IMD is cancellable, is absolutely uninformative and does not reveal biometric information. Three measures were applied to quantify the efficacy of the suggested method (PV with zero-watermark): mean squared error (MSE), structural similarity (SSIM) and peak signal-to-noise ratio (PSNR) (dB).

Table 2. The numerical results of existing and proposed methods based on PSNR (dB), MSE and SSIM

| Number of images | PSNR (dB): Hashing | PSNR (dB): Zero watermarking | PSNR (dB): PV with zero-watermark | MSE: Hashing | MSE: Zero watermarking | MSE: PV with zero-watermark | SSIM: Hashing | SSIM: Zero watermarking | SSIM: PV with zero-watermark |
|---|---|---|---|---|---|---|---|---|---|
| 4 | 26.21 | 28.56 | 30.25 | 0.019 | 0.017 | 0.015 | 0.7321 | 0.7541 | 0.8358 |
| 8 | 27.56 | 30.14 | 31.48 | 0.018 | 0.015 | 0.013 | 0.7841 | 0.7956 | 0.8567 |
| 12 | 29.63 | 31.56 | 32.69 | 0.017 | 0.012 | 0.012 | 0.8014 | 0.8452 | 0.8789 |
| 16 | 31.25 | 32.59 | 39.65 | 0.015 | 0.01 | 0.008 | 0.8241 | 0.8564 | 0.8896 |
| 20 | 32.15 | 33.54 | 49.95 | 0.012 | 0.009 | 0.0025 | 0.8362 | 0.8741 | 0.9289 |


- PSNR: this is widely used to measure the watermarked image's quality. It is defined as the ratio of the peak signal power to the level of noise in the reversed watermarked medical data $WPVC^*$, as stated in (3). A higher PSNR value indicates a better denoising ability of the scheme.

- MSE: this is a commonly used distortion measure and evaluates the average of the squared errors, as shown in (4). The MSE is nonnegative, and values nearer to zero are better.


42 
PSNR = logyp (3) 
MSE = —YolWPVC(xi, yi) — WPVC* (xn, ydI? (4) 


- SSIM: this parameter measures the similarity between the encrypted and decrypted palm vein images, as given in (5). Its value lies within [0, 1]. A higher value indicates a better watermarked image. Here $\mu$ is the average of the image, $\sigma$ is the variance of the image, and $v_1$ and $v_2$ are two variables for stabilizing a weak denominator.


$$SSIM = \frac{(2\mu_{WPVC}\,\mu_{WPVC^*} + v_1)(2\sigma_{WPVC}\,\sigma_{WPVC^*} + v_2)}{(\mu_{WPVC}^2 + \mu_{WPVC^*}^2 + v_1)(\sigma_{WPVC}^2 + \sigma_{WPVC^*}^2 + v_2)} \qquad (5)$$


A PSNR- and MSE-based comparison of several existing methods with the proposed work is shown in Figure 4. As Figures 4(a) and (b) show, compared to other techniques like hashing and zero watermarking, the PSNR of the suggested method is the greatest at 49.95 dB. PSNR values for various signal kinds and measurement techniques are displayed in the next section, and the preceding techniques have yielded PSNR values between 32.15 and 33.54 decibels. When compared to alternative techniques like hashing and zero watermarking, the MSE value of the suggested approach, 0.0025, is rather small. Reduced MSE values suggest more accurate picture registration. As the outcomes show, the PV with zero-watermark-based approach is efficient in providing medical data security. Although prior approaches achieved low MSE, their performance was restricted by computational complexity.

Figure 4. Comparison of (a) PSNR and (b) MSE of different methods compared with the proposed framework

Figure 5 compares the SSIM of the suggested model with that of the other methods. Compared to the other approaches, the SSIM value produced using the recommended framework is higher. Compared to alternative techniques like hashing and zero watermarking, the SSIM of the suggested method, 0.9289, is the greatest. SSIM values using existing approaches fall between 0.8362 and 0.8741.


[Figure 5 plot. Legend: Hashing, zero watermarking, PV with zero-watermark. x-axis: Number of Images]


Figure 5. SSIM of different methods compared with the proposed framework 


4. CONCLUSION 

Since attacks on IMDs might directly harm patients, their security is crucial. When the patient is not in an emergency, IMDs operate in a normal situation, and several research organizations have looked into IMD security concerns in this case. These security schemes would be ineffective in an emergency because they require the patient's cooperation. The proposed system is a scheme for securing IMD access control in emergencies and preventing illegal access to IMDs by combining encrypted PVC and zero-watermark (personal identity) to generate encrypted credential data. Before implantation surgery, the encrypted credential data and key will be stored in the IMD. The proposed system will ensure integrity, confidentiality and authentication. In future, a computational approach based on a fast Fourier transform will be used to improve the computation precision and speed of the feature extraction process in medical images. Also, a new chaotic map and deep learning-based encryption algorithms will be integrated with the proposed system to boost security.